Netgear ProSafe Smart Wireless Switch review
Wireless networking in big businesses has never taken off to the level everyone hoped for, so the majority of vendors have turned their attention to the SMB. The biggest drawback to implementing wireless networks is, of course, security, and the last few months have seen a stampede of appliance-based solutions. Netgear is the latest to join the herd with its WFS709TP ProSafe Smart Wireless Switch.
This 1U rack system teams up with Netgear’s light access points, which operate similarly to Cisco’s Aironet AG products (web ID: 117871), as they can only take their configuration details from the switch. Essentially, you manage all your security requirements from the switch, which automatically deploys them to the APs. Along with two light AP models, the switch works with some other standard Netgear APs, but these must be repurposed.
For testing, we deployed the Netgear products in our test network, where the switch had access to a Windows Server 2003 R2 domain controller providing DHCP and DNS services. Switch installation won’t take long, as its browser interface fires up a quick-start (if a tad sluggish) wizard.
Netgear’s modus operandi is simple, as switch ports are placed in different VLANs, to which you apply WLAN policies. The latter contains an SSID, encryption settings and an authentication mode, which can be an external RADIUS server or the switch’s own local database. The switch uses the APs to monitor the airwaves and considers any other AP a rogue if it’s physically cabled to the network, or just interfering if it’s broadcasting in the same vicinity. Rogue APs can be disabled via policies where clients are disassociated from them, but we’re surprised Netgear gave no warning of this feature, as it can get you into a lot trouble if improperly used. The Monitor tab provides a range of details about wireless activity, where you can view rogue and interfering APs and check on wireless performance. You also get a mapping feature to help with AP deployment, which is quite rudimentary in operation but could prove useful.
For testing, we kept one AP in the Labs and placed a second 50m away, then powered it over PoE through the building network infrastructure. TheAPs locate the switch and take their configuration from it, using ADP (Aruba Discovery Protocol). We didn’t think much of Netgear’s abilities to detect other APs, as it only found two more in our office block – Cisco’s Wireless LAN controller and Aironet partnership found 14. Also, the only APs Netgear found were Aruba models. Client roaming worked well, though, as we associated our laptop with the AP in the Labs and set up a continuous ping of our domain controller. We wandered down the corridor and saw signal strength drop to around 20%, after which we were swapped over to the second AP. The ping timed out only twice and then continued unabated, making the process almost seamless.
If you can’t afford Cisco’s wireless security solution then Netgear is worth a look, although we were unimpressed with its ability to locate other APs, and the network planning facilities aren’t up to much, either.